WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Sync QCloud COS plugin version prior to 2.0.1 contains a cross-site scripting vulnerability that stems from the plugin’s failure to escape some of its settings. An attacker could exploit this vulnerability to perform cross-site scripting attacks.